Help Center

Version 2.0

Related Articles

• How will my customers know that my site is secure?
• What Is the encryption strength of your SSL certificates?
• What is an intermediate certificate?
• Generating a Certificate Signing Request (CSR)
• How do I install an intermediate certificate?
• HTTP vs. HTTPS
• Setting up a SSL for Intel vPro

Recognizing Secure Certificates as Valid on Palm OS Devices

Palm devices cannot communicate with servers that have SSL certificates installed that use the new UTF-8 industry standard format.

The RFC industry standard requires that secure certificates be issued using the UTF-8 format.

The Palm Operating System is using the "printablestring" format that preceded the current UTF-8 industry standard.

NOTE: For more information about the printablestring format, see http://en.wikipedia.org/wiki/PrintableString.

If You Require a Printablestring Encoded Certificate for Your Palm Device

Our issuing system issues a printablestring encoded certificate if the CSR was already printablestring encoded. Therefore, you need to create your CSR with software that defaults to printablestring encoding.

Palm OS owners who need a certificate in printablestring formatting may be able to create the proper printablestring CSR for submission to our system and receive a printablestring certificate using OpenSSL.

To Create a CSR in Printablestring Format using OpenSSL

1. Open OpenSSL
2. From the Start menu, select Run.
3. Type cmd and click OK.
4. Type c: and press Enter.
5. Type cd \openssl\bin and press Enter where "openssl" is the directory where you chose to install OpenSSL.
6. Using the command prompt, generate a private key:
   1. Enter a passphrase when prompted to.
   2. Type:
      openssl genrsa -des3 -out <name of your certificate>.key 2048
7. Using command prompt request a CSR:
   openssl req -new -key <name of your certificate>.key -out <name of your certificate>.csr
8. Using command prompt check CSR format type (printablestring or UTF-8):
   openssl req -noout -subject -nameopt show_type,sep_multiline -in csr.csr
9. The output will tell you if its printablestring or UTF-8
   
   Example:
   subject=
   C=PRINTABLESTRING:US
   ST=PRINTABLESTRING:AZ
   L=PRINTABLESTRING:Phoenix
   O=PRINTABLESTRING:testprintstring
   CN=PRINTABLESTRING:printablestring
   
   OR
   subject=
   C=UTF8STRING:US
   ST=UTF8STRING:AZ
   L= UTF8STRING:Phoenix
   O= UTF8STRING STRING:testprintstring
   CN= UTF8STRING STRING:printablestring
   
10. If the output is printablestring, submit the CSR for signing.
11. After receiving your certificate, save it into the same openssl/bin directory as your CSR and using command prompt you can check the certificate format using:
    openssl x509 -noout -subject -nameopt show_type,sep_multiline -in cert.crt

NOTE: If you need a .PFX file to install the printablestring formatted certificate onto a Windows server, you can use OpenSSL to convert the private key and certificate into a .PFX file.

Here are the OpenSSL docs for this process: http://www.openssl.org/docs/apps/pkcs12.html

TIP: We have provided re-key instructions with links to CSR Generation Instructions and our Installation Instructions in our Help Center.

NOTE: As a courtesy, we provide information about how to use certain third-party products, but we do not endorse or directly support third-party products and we are not responsible for the functions or reliability of such products.

• Not helpful
• Somewhat helpful
• Helpful
• Very Helpful
• Solved my problem